JumpCloud, a directory platform that allows enterprises to authenticate, authorize and manage users and devices, said this week that a nation-state actor was behind a June breach of its systems that forced the company to reset customers’ API keys. While JumpCloud didn’t attribute the hackers to a particular nation, researchers at cybersecurity companies Crowdstrike and SentinelOne have today attributed the breach to North Korea-backed hackers called Lazarus, a well-known group known for targeting crypto entities such as the Ronin Network and Harmony’s Horizon Bridge. CrowdStrike has linked the JumpCloud attack to a "Labyrinth Chollima,” a sub-group of the notorious Lazarus hacking group that was also linked to the recent supply-chain attacks targeting enterprise phone maker 3CX.